1 heat_template_version: pike
2 description: 'OpenStack {{role}} node configured by Puppet'
4 Overcloud{{role}}Flavor:
5 description: Flavor for the {{role}} node.
8 {% if disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPhysicalBridge:
33 description: An OVS bridge to create for accessing tenant networks.
35 NeutronPublicInterface:
37 description: Which interface to add to the NeutronPhysicalBridge.
41 description: Mapping of service_name -> network name. Typically set
42 via parameter_defaults in the resource registry.
46 description: Mapping of service endpoint -> protocol. Typically set
47 via parameter_defaults in the resource registry.
53 Setting to a previously unused value during stack-update will trigger
54 package update on all nodes
57 default: '' # Defaults to Heat created hostname
61 description: Optional mapping to override hostnames
65 Additional hiera configuration to inject into the cluster. Note
66 that {{role}}ExtraConfig takes precedence over ExtraConfig.
71 Role specific additional hiera configuration to inject into the cluster.
76 NetworkDeploymentActions:
77 type: comma_delimited_list
79 Heat action when to apply network configuration changes
81 SoftwareConfigTransport:
82 default: POLL_SERVER_CFN
84 How the server should receive the metadata required for software configuration.
87 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
89 default: 'localdomain'
92 The DNS domain used for the hosts. This must match the
93 overcloud_domain_name configured on the undercloud.
94 {{role}}ServerMetadata:
97 Extra properties or metadata passed to Nova for the created nodes in
98 the overcloud. It's accessible via the Nova metadata API. This option is
99 role-specific and is merged with the values given to the ServerMetadata
105 Extra properties or metadata passed to Nova for the created nodes in
106 the overcloud. It's accessible via the Nova metadata API. This applies to
107 all roles and is merged with a role-specific metadata parameter.
109 {{role}}SchedulerHints:
111 description: Optional scheduler hints to pass to nova
116 ServiceConfigSettings:
120 type: comma_delimited_list
122 MonitoringSubscriptions:
123 type: comma_delimited_list
125 ServiceMetadataSettings:
130 description: Command which will be run whenever configuration data changes
131 default: os-refresh-config --timeout 14400
136 Maximum amount of time to possibly to delay configuation collection
137 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
138 the configuration collection to occur as soon as the collection process
139 starts. This setting is used to prevent the configuration collection
140 processes from polling all at the exact same time.
145 type: comma_delimited_list
150 Command or script snippet to run on all overcloud nodes to
151 initialize the upgrade process. E.g. a repository switch.
153 UpgradeInitCommonCommand:
156 Common commands required by the upgrades process. This should not
157 normally be modified by the operator and is set and unset in the
158 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
161 DeploymentServerBlacklistDict:
165 Map of server hostnames to blacklist from any triggered
166 deployments. If the value is 1, the server will be blacklisted. This
167 parameter is generated from the parent template.
170 description: Role Specific Parameters
174 server_not_blacklisted:
177 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
182 type: OS::TripleO::{{role}}Server
185 command: {get_param: ConfigCommand}
186 splay: {get_param: ConfigCollectSplay}
188 image: {get_param: {{role}}Image}
189 image_update_policy: {get_param: ImageUpdatePolicy}
190 flavor: {get_param: Overcloud{{role}}Flavor}
191 key_name: {get_param: KeyName}
194 user_data_format: SOFTWARE_CONFIG
195 user_data: {get_resource: UserData}
198 template: {get_param: Hostname}
199 params: {get_param: HostnameMap}
200 software_config_transport: {get_param: SoftwareConfigTransport}
203 - {get_param: ServerMetadata}
204 - {get_param: {{role}}ServerMetadata}
205 - {get_param: ServiceMetadataSettings}
206 scheduler_hints: {get_param: {{role}}SchedulerHints}
208 # Combine the NodeAdminUserData and NodeUserData mime archives
210 type: OS::Heat::MultipartMime
213 - config: {get_resource: NodeAdminUserData}
215 - config: {get_resource: NodeUserData}
217 - config: {get_resource: RoleUserData}
220 # Creates the "heat-admin" user if configured via the environment
221 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
223 type: OS::TripleO::NodeAdminUserData
225 # For optional operator additional userdata
226 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
228 type: OS::TripleO::NodeUserData
230 # For optional operator role-specific userdata
231 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
233 type: OS::TripleO::{{role}}::NodeUserData
236 type: OS::TripleO::{{role}}::Ports::ExternalPort
238 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
239 IPPool: {get_param: {{role}}IPs}
240 NodeIndex: {get_param: NodeIndex}
243 type: OS::TripleO::{{role}}::Ports::InternalApiPort
245 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
246 IPPool: {get_param: {{role}}IPs}
247 NodeIndex: {get_param: NodeIndex}
250 type: OS::TripleO::{{role}}::Ports::StoragePort
252 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
253 IPPool: {get_param: {{role}}IPs}
254 NodeIndex: {get_param: NodeIndex}
257 type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
259 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
260 IPPool: {get_param: {{role}}IPs}
261 NodeIndex: {get_param: NodeIndex}
264 type: OS::TripleO::{{role}}::Ports::TenantPort
266 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
267 IPPool: {get_param: {{role}}IPs}
268 NodeIndex: {get_param: NodeIndex}
271 type: OS::TripleO::{{role}}::Ports::ManagementPort
273 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
274 IPPool: {get_param: {{role}}IPs}
275 NodeIndex: {get_param: NodeIndex}
278 type: OS::TripleO::{{role}}::Net::SoftwareConfig
280 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
281 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
282 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
283 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
284 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
285 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
286 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
289 type: OS::TripleO::Network::Ports::NetIpMap
291 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
292 ExternalIp: {get_attr: [ExternalPort, ip_address]}
293 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
294 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
295 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
296 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
297 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
298 StorageIp: {get_attr: [StoragePort, ip_address]}
299 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
300 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
301 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
302 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
303 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
304 TenantIp: {get_attr: [TenantPort, ip_address]}
305 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
306 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
307 ManagementIp: {get_attr: [ManagementPort, ip_address]}
308 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
309 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
312 type: OS::Heat::Value
320 - - {get_attr: [{{role}}, name]}
322 - {get_param: CloudDomain}
326 - - {get_attr: [{{role}}, name]}
332 - - {get_attr: [{{role}}, name]}
334 - {get_param: CloudDomain}
338 - - {get_attr: [{{role}}, name]}
344 - - {get_attr: [{{role}}, name]}
346 - {get_param: CloudDomain}
350 - - {get_attr: [{{role}}, name]}
356 - - {get_attr: [{{role}}, name]}
358 - {get_param: CloudDomain}
362 - - {get_attr: [{{role}}, name]}
368 - - {get_attr: [{{role}}, name]}
370 - {get_param: CloudDomain}
374 - - {get_attr: [{{role}}, name]}
380 - - {get_attr: [{{role}}, name]}
382 - {get_param: CloudDomain}
386 - - {get_attr: [{{role}}, name]}
392 - - {get_attr: [{{role}}, name]}
394 - {get_param: CloudDomain}
398 - - {get_attr: [{{role}}, name]}
402 type: OS::TripleO::{{role}}::PreNetworkConfig
404 server: {get_resource: {{role}}}
405 RoleParameters: {get_param: RoleParameters}
408 type: OS::TripleO::SoftwareDeployment
409 depends_on: PreNetworkConfig
411 name: NetworkDeployment
412 config: {get_resource: NetworkConfig}
413 server: {get_resource: {{role}}}
414 actions: {get_param: NetworkDeploymentActions}
416 bridge_name: {get_param: NeutronPhysicalBridge}
417 interface_name: {get_param: NeutronPublicInterface}
420 - server_not_blacklisted
421 - {get_param: NetworkDeploymentActions}
424 {{role}}UpgradeInitConfig:
425 type: OS::Heat::SoftwareConfig
431 - - "#!/bin/bash\n\n"
432 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
433 - get_param: UpgradeInitCommand
434 - get_param: UpgradeInitCommonCommand
436 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
437 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
438 {{role}}UpgradeInitDeployment:
439 type: OS::Heat::SoftwareDeployment
440 depends_on: NetworkDeployment
442 name: {{role}}UpgradeInitDeployment
443 server: {get_resource: {{role}}}
444 config: {get_resource: {{role}}UpgradeInitConfig}
447 - server_not_blacklisted
448 - ['CREATE', 'UPDATE']
452 type: OS::Heat::StructuredDeployment
453 depends_on: {{role}}UpgradeInitDeployment
455 name: {{role}}Deployment
456 config: {get_resource: {{role}}Config}
457 server: {get_resource: {{role}}}
459 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
462 - server_not_blacklisted
463 - ['CREATE', 'UPDATE']
467 type: OS::Heat::StructuredConfig
473 - heat_config_%{::deploy_config_name}
475 - {{role.lower()}}_extraconfig
480 - bootstrap_node # provided by allNodesConfig
481 - all_nodes # provided by allNodesConfig
482 - vip_data # provided by allNodesConfig
484 merge_behavior: deeper
487 service_names: {get_param: ServiceNames}
488 sensu::subscriptions: {get_param: MonitoringSubscriptions}
491 - {get_param: ServiceConfigSettings}
492 - values: {get_attr: [NetIpMap, net_ip_map]}
493 {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
494 extraconfig: {get_param: ExtraConfig}
496 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
497 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
498 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
499 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
500 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
501 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
502 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
503 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
504 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
505 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
507 # Resource for site-specific injection of root certificate
509 depends_on: {{role}}Deployment
510 type: OS::TripleO::NodeTLSCAData
512 server: {get_resource: {{role}}}
514 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
515 {{role}}ExtraConfigPre:
516 depends_on: {{role}}Deployment
517 type: OS::TripleO::{{role}}ExtraConfigPre
519 server: {get_resource: {{role}}}
521 # Hook for site-specific additional pre-deployment config,
522 # applying to all nodes, e.g node registration/unregistration
524 depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
525 type: OS::TripleO::NodeExtraConfig
527 server: {get_resource: {{role}}}
530 type: OS::TripleO::Tasks::PackageUpdate
533 type: OS::Heat::SoftwareDeployment
534 depends_on: NetworkDeployment
536 name: UpdateDeployment
537 config: {get_resource: UpdateConfig}
538 server: {get_resource: {{role}}}
541 get_param: UpdateIdentifier
544 - server_not_blacklisted
545 - ['CREATE', 'UPDATE']
549 type: OS::TripleO::Ssh::HostPubKey
550 depends_on: {{role}}Deployment
552 server: {get_resource: {{role}}}
556 description: IP address of the server in the ctlplane network
557 value: {get_attr: [{{role}}, networks, ctlplane, 0]}
559 description: Hostname of the server
560 value: {get_attr: [{{role}}, name]}
562 description: Mapping of network names to hostnames
564 external: {get_attr: [NetHostMap, value, external, fqdn]}
565 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
566 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
567 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
568 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
569 management: {get_attr: [NetHostMap, value, management, fqdn]}
570 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
575 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
576 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
577 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
578 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
579 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
580 TENANTIP TENANTHOST.DOMAIN TENANTHOST
581 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
582 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
584 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
585 DOMAIN: {get_param: CloudDomain}
586 PRIMARYHOST: {get_attr: [{{role}}, name]}
587 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
588 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
589 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
590 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
591 STORAGEIP: {get_attr: [StoragePort, ip_address]}
592 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
593 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
594 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
595 TENANTIP: {get_attr: [TenantPort, ip_address]}
596 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
597 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
598 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
599 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
600 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
602 description: Entry for ssh known hosts
605 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
606 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
607 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
608 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
609 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
610 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
611 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
612 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
614 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
615 DOMAIN: {get_param: CloudDomain}
616 PRIMARYHOST: {get_attr: [{{role}}, name]}
617 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
618 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
619 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
620 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
621 STORAGEIP: {get_attr: [StoragePort, ip_address]}
622 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
623 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
624 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
625 TENANTIP: {get_attr: [TenantPort, ip_address]}
626 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
627 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
628 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
629 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
630 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
631 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
632 nova_server_resource:
633 description: Heat resource handle for {{role}} server
635 {get_resource: {{role}}}
636 condition: server_not_blacklisted
638 description: IP address of the server in the external network
639 value: {get_attr: [ExternalPort, ip_address]}
640 internal_api_ip_address:
641 description: IP address of the server in the internal_api network
642 value: {get_attr: [InternalApiPort, ip_address]}
644 description: IP address of the server in the storage network
645 value: {get_attr: [StoragePort, ip_address]}
646 storage_mgmt_ip_address:
647 description: IP address of the server in the storage_mgmt network
648 value: {get_attr: [StorageMgmtPort, ip_address]}
650 description: IP address of the server in the tenant network
651 value: {get_attr: [TenantPort, ip_address]}
652 management_ip_address:
653 description: IP address of the server in the management network
654 value: {get_attr: [ManagementPort, ip_address]}